-
CAPD: A Context-Aware, Policy-Driven Framework for Secure and Resilient IoBT Operations
Authors:
Sai Sree Laya Chukkapalli,
Anupam Joshi,
Tim Finin,
Robert F. Erbacher
Abstract:
The Internet of Battlefield Things (IoBT) will advance the operational effectiveness of infantry units. However, this requires autonomous assets such as sensors, drones, combat equipment, and uncrewed vehicles to collaborate, securely share information, and be resilient to adversary attacks in contested multi-domain operations. CAPD addresses this problem by providing a context-aware, policy-driven framework supporting data and knowledge exchange among autonomous entities in a battlespace. We propose an IoBT ontology that facilitates controlled information sharing to enable semantic interoperability between systems. Its key contributions include providing a knowledge graph with a shared semantic schema, integration with background knowledge, efficient mechanisms for enforcing data consistency and drawing inferences, and supporting attribute-based access control. The sensors in the IoBT provide data that create populated knowledge graphs based on the ontology. This paper describes using CAPD to detect and mitigate adversary actions. CAPD enables situational awareness using reasoning over the sensed data and SPARQL queries. For example, adversaries can cause sensor failure or hijacking and disrupt the tactical networks to degrade video surveillance. In such instances, CAPD uses an ontology-based reasoner to see how alternative approaches can still support the mission. Depending on bandwidth availability, the reasoner initiates the creation of a reduced frame rate grayscale video by active transcoding or transmits only still images. This ability to reason over the mission sensed environment and attack context permits the autonomous IoBT system to exhibit resilience in contested conditions.
Submitted 2 August, 2022;
originally announced August 2022.
-
Base-Rate Fallacy Redux and a Deep Dive Review in Cybersecurity
Authors:
Robert F. Erbacher
Abstract:
This paper examines the current state of the science underlying cybersecurity research with an emphasis on the non-signature-based intrusion detection domain. First, the paper re-examines the base-rate fallacy originally published by Axelsson, putting the impact of false positives into context. Given the relatively high numbers of false positives, the paper argues for deeper analysis of false positives, akin to the analysis that true positives are treated to. The second section of the paper examines the metrics being used to analyze non-signature intrusion detection techniques, the current status quo of employed metrics, and the impact of the status quo on scientific advancement. Finally, the paper analyzes the use of online attack graphs and their applicability, especially in scenarios of constrained environments, such as Internet of Things devices. The use of offline attack graphs in such constrained environments is also examined. In essence, a deep dive review identified multiple areas throughout the field in which the effectiveness and validity of the scientific method can be greatly improved, e.g., through removal of logical fallacies.
Submitted 14 March, 2022;
originally announced March 2022.
-
Directed Multicut with linearly ordered terminals
Authors:
Robert F. Erbacher,
Trent Jaeger,
Nirupama Talele,
Jason Teutsch
Abstract:
Motivated by an application in network security, we investigate the following "linear" case of Directed Multicut. Let $G$ be a directed graph which includes some distinguished vertices $t_1, \ldots, t_k$. What is the size of the smallest edge cut which eliminates all paths from $t_i$ to $t_j$ for all $i < j$? We show that this problem is fixed-parameter tractable when parametrized in the cutset size $p$ via an algorithm running in $O(4^p p n^4)$ time.
Submitted 28 July, 2014;
originally announced July 2014.